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SPECIFICATION 



To all whom it may concern: 

Be It Known, That we, JOHN C. GOODWIN, III and JOHN BRIAN FRANCIS, 
of Suwanee, GA and Alpharetta, GA, respectively, have invented certain new and useful 
improvements in PRIVATE DATA PROTECTION METHOD FOR A NETWORK 
KIOSK, of which we declare the following to be a full, clear and exact description: 
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PRIVATE DATA PROTECTION 
METHOD FOR A NETWORK KIOSK 

Background of the Invention 

The present invention relates to self-service kiosks 
and more specifically to a private data protection method 
for a network kiosk. 

Retailers have a desire to sell their products over 
networks, such as global networks which are a part of the 
World Wide Web (WWW or "web") and which use the 
Transmission Control Protocol/Internet Protocol (TCP/IP 
protocol). These retailers wish to provide Internet server 
web sites which offer the same features as Internet server 
web sites available to home shoppers who use their 
computers to connect to the Internet server web sites. 

Kiosks provide a publicly-accessible computing 
platform for displaying web pages from retailer web sites." 
Kiosks may be located within a retailer's transaction 
establishment or elsewhere, such as in shopping malls. 
Kiosks may be easily networked to retailer web sites using 
the TCP/IP protocol. Web pages from web sites may be 
displayed using known and available web software, such as 
Microsoft® Internet Explorer software. 

One problem with public use of a network kiosk is that 
private information may be compromised to others in the 
vicinity of the kiosk. For example, during the purchase of 
an item using the kiosk, a user must enter a credit card ' 
number to complete payment. Others near the kiosk may see 
the credit card number. 

One solution to the problem is to put a private 
cubicle or other structure around the kiosk. Such 



structures can be costly. They can also diminish the 
kiosk's ability to attract people to use it. 

Therefore, it would be desirable to provide a method 
of protecting private data, such as credit card numbers, 
for a network kiosk which obviates the need for a shielding 
structure . 

Summary of the Invention 

In accordance with the teachings of the present 
invention, a private data protection method for a network 
kiosk is provided. 

The method includes the steps of determining fields in 
the web page which contain the private data by the kiosk, 
and masking the private data by the kiosk. 

It is accordingly an object of the present invention 
to provide a private data protection method for a network 
kiosk . 

It is another object of the present invention to mask 
each character of entered private data with a symbol. 

It is another object of the present invention to 
protect credit card numbers and other private data by 
displaying mask characters instead. 



Brief Description of the Drawings 

Additional benefits and advantages of the present 
invention will become apparent to those skilled in the art 
to which this invention relates from the subsequent 
description of the preferred embodiments and the appended 
claims, taken in conjunction with the accompanying 
drawings, in which: 
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Fig. 1 is a block diagram of a transaction processing 
system including a network kiosk; 

Fig. 2 is a depiction of a private data configuration 
file; and 

Fig. 3 is a flow diagram illustrating the access 
limitation method of the present invention. 

Detailed Description of the Preferred Embodiment 

Turning now to Fig. 1, transaction system 10 includes 
kiosk 12 and server 14 . Kiosk 12 is preferably located 
within a transaction establishment, such as a retail store, 
or transaction environment, such as a shopping mall. Kiosk 
12 may include an NCR 7401 computer. 

Kiosk 12 primarily includes processor 16, touch screen 
18, memory 20, and storage medium 22. Kiosk 12 may 
additionally include a number of peripherals, including 
magnetic strip reader (MSR) 24, printer 26, and scanner 28. 

To assist with execution of certain tasks performed by 
kiosk 12, kiosk 12 includes a built-in time keeping device, 
commonly referred to as a system clock, which is 
synchronized with current time, in order to automatically 
execute the tasks at their scheduled times. 

Processor 16 controls operation of kiosk 12 and 
executes web browser software 32 and web wrapper software 
36. 

Web browser software 32 allows an operator to access 
information and purchase products from retailers through 
network 14, which preferably includes World Wide Web (WWW 
or "web") servers. Web browser software 32 may include 
commercially-available web browser software, such as 
Microsoft® Internet Explorer web browser software. 
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Microsoft® Internet Explorer web browser software is 
configured into a kiosk operation using a "-k" command line 
option. This option hides toolbars and menubars to prevent 
operator access to those functions. 

Web browser software 32 retrieves and displays web 
pages 44 from network 14, which includes a plurality of 
interconnected servers. Web pages 44 include web pages 
which display information about products and services 
offered by the kiosk owner as well as other web pages. Web 
pages 44 assist operators to find information about 
products sold by the kiosk owner and to complete purchases 
of such products. For this purpose, web pages 34 may 
include a start or "home" page which operates as a default 
page from which operation begins and to which operation 
returns when an operator is finished using kiosk 12. Web 
pages 44 may be written using hypertext markup language 
(HTML) or other suitable web page language. 

Web wrapper software 36 provides security functions. 
During operation, web wrapper software 36 prevents an 
operator from accessing kiosk files, other applications, 
the operating system software, or basic input-output system 
(BIOS) firmware, and prevents the operator from causing 
kiosk 12 to reboot. 

Under the present invention, web wrapper software 36 
additionally determines whether a displayed web page 
contains private data fields. Web wrapper software 36 masks 
any private data entered into the private data fields by an 
operator . 

Touch screen 18 includes display 40 and input device 
42. Display 40 and input device 42 may also be separate 
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units. Input device 42 may record personal information from 
an operator. 

Memory 20 is used by processor 16 to store executed 
program information, including web wrapper software 
information. 

Storage medium 22 stores software including web 
wrapper software 36. 

MSR 24 reads loyalty, credit, debit, SMART, and/or 
other types of cards carried by an operator. MSR 24 may 
record personal information from an operator. 

Printer 26 prints information from web wrapper 
software 32, including information on web pages 44 from 
server 14. For example, printer 26 may print information 
relevant to a transaction completed by an operator using 
kiosk 12. 

Scanner 28 reads bar codes on products to obtain 
product identification numbers. Kiosk 12 queries a 
transaction server with the identification numbers to 
obtain information about the product and displays the 
information. 

Turning now to Fig. 2, private data configuration file 
38 includes records for each page in which private data may 
be entered. Each record includes entries PAGE, FIELD, and 
DESCRIPTION. 

Entry PAGE identifies a particular web address or 
Uniform Resource Locator (URL) for a web page which 
contains fields requiring private data. 

Entry FIELD identifies particular fields which 
requires private data. An example field would be a field 
which requires a credit card number. 



Entry DESCRIPTION describes the private data 
associated with the listed fields. This entry assists the 
kios r k owner in managing protection of private data. 

Web wrapper software 36 compares an address of a 
displayed web page with entries PAGE in private data 
configuration file 38 to determine whether the address is 
listed. If the address is listed, web wrapper software 36 
reads record 4 6 for the web page to determine which fields 
require private data. If the operator enters private data ' 
into the fields, web wrapper software 36 masks the private 
data . 

Turning now to Fig. 3, the method of the present 
invention is illustrated beginning with START 60. 

In step 62, web wrapper software 36 waits for a web - 
page to be displayed by web browser software 32. 

In step 64, web wrapper software 36 obtains the 
address for the displayed web page. 

In step 66, web wrapper software 36 compares the 
address to the addresses under entries PAGE in private data 
configuration file 38. If the address of the web page is in 
one of the records 46 in private data configuration file 
38, operation proceeds to step 68, otherwise operation 
returns to step 62 to wait for another page to be 
displayed. 

In step 68, web wrapper software 36 reads entries 
FIELD in the corresponding record to identify all fields in 
the displayed web page which require private data. 

In step 70, web wrapper software 36 determines whether 
private data has been entered into the fields. If so, 
operation continues to step 74. Otherwise, operation 
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proceeds to step 72 to wait for another web page to be 
displayed . 

In step 74, web wrapper software 36 masks private 
data. For example, web wrapper software 36 may mask each 
character of private data with a symbol as it is 

entered . 

Optionally, the field type may also be changed to 
x password' , which will automatically cause masking, but 
this change would require web wrapper software 36 to change 
HTML code on the fly on the way into web browser software 



Operation returns to step 62 to wait for another web 
page to be displayed. 

Although the present invention has been described with 
particular reference to certain preferred embodiments 
thereof, variations and modifications of the present 
invention can be effected within the spirit and scope of 
the following claims. 
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